/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.191 - (hide annotations) (download)
Sat Oct 13 17:42:37 2007 UTC (6 years, 9 months ago) by phreak
Branch: MAIN
Changes since 1.190: +8 -1 lines
Initial hardened-sources-2.6.23. If people still have problems w/ bug 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.191 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.190 2007/10/11 00:17:30 phreak Exp $
4    
5     *hardened-sources-2.6.23 (13 Oct 2007)
6    
7     13 Oct 2007; Christian Heim <phreak@gentoo.org>
8     +hardened-sources-2.6.23.ebuild:
9     Initial hardened-sources-2.6.23. If people still have problems w/ bug
10     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
11 phreak 1.190
12     11 Oct 2007; Christian Heim <phreak@gentoo.org>
13     hardened-sources-2.6.20-r10.ebuild:
14     Pulling in yet another new genpatches version, fixing the PWC bug for real.
15 phreak 1.189
16     04 Oct 2007; Christian Heim <phreak@gentoo.org>
17     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
18     Removing old versions.
19 phreak 1.188
20     *hardened-sources-2.6.22-r7 (01 Oct 2007)
21    
22     01 Oct 2007; Christian Heim <phreak@gentoo.org>
23     +hardened-sources-2.6.22-r7.ebuild:
24     Revision bump, pulling in a newer patch. Should fix #194276.
25 phreak 1.187
26     30 Sep 2007; Christian Heim <phreak@gentoo.org>
27     hardened-sources-2.6.20-r10.ebuild:
28     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
29     Mike Doty).
30 phreak 1.186
31     *hardened-sources-2.6.22-r6 (26 Sep 2007)
32    
33     26 Sep 2007; Christian Heim <phreak@gentoo.org>
34     +hardened-sources-2.6.22-r6.ebuild:
35     Revision bump, grabbing up till Linux 2.6.22.9.
36 phreak 1.185
37     24 Sep 2007; Christian Heim <phreak@gentoo.org>
38     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
39     Cleaning up further.
40 phreak 1.184
41     *hardened-sources-2.6.20-r10 (24 Sep 2007)
42    
43     24 Sep 2007; Christian Heim <phreak@gentoo.org>
44     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
45     +hardened-sources-2.6.20-r10.ebuild:
46     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
47     revisions.
48 phreak 1.183
49     *hardened-sources-2.6.22-r5 (22 Sep 2007)
50    
51     22 Sep 2007; Christian Heim <phreak@gentoo.org>
52     +hardened-sources-2.6.22-r5.ebuild:
53     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
54 phreak 1.182
55     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
56     Removing johnm from metadata.xml (see #186467 for reference).
57 phreak 1.181
58     *hardened-sources-2.6.22-r4 (17 Sep 2007)
59    
60     17 Sep 2007; Christian Heim <phreak@gentoo.org>
61     +hardened-sources-2.6.22-r4.ebuild:
62     Revision bump, hopefully fixing all those weird PAX failures.
63 phreak 1.180
64     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
65     Updating the metadata.xml.
66 phreak 1.179
67     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
68     Removing tocharian from metadata due to his retirement (see #71718 for
69     reference).
70 phreak 1.178
71     *hardened-sources-2.6.20-r9 (30 Aug 2007)
72    
73     30 Aug 2007; Christian Heim <phreak@gentoo.org>
74     +hardened-sources-2.6.20-r9.ebuild:
75     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
76 phreak 1.177
77     29 Aug 2007; Christian Heim <phreak@gentoo.org>
78     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
79     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
80     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
81     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
82     -hardened-sources-2.6.22-r2.ebuild:
83     Removing some redundant versions.
84 phreak 1.176
85     *hardened-sources-2.4.35-r1 (29 Aug 2007)
86    
87     29 Aug 2007; Christian Heim <phreak@gentoo.org>
88     +hardened-sources-2.4.35-r1.ebuild:
89     Revision bump, new grsecurity patch.
90 phreak 1.175
91     *hardened-sources-2.6.20-r8 (26 Aug 2007)
92    
93     26 Aug 2007; Christian Heim <phreak@gentoo.org>
94     +hardened-sources-2.6.20-r8.ebuild:
95     Revision bump for Linux 2.6.20.17.
96 phreak 1.174
97     *hardened-sources-2.6.22-r3 (22 Aug 2007)
98    
99     22 Aug 2007; Christian Heim <phreak@gentoo.org>
100     +hardened-sources-2.6.22-r3.ebuild:
101     Revision bump for Linux 2.6.22.4.
102 phreak 1.173
103     16 Aug 2007; Christian Heim <phreak@gentoo.org>
104     hardened-sources-2.6.22-r2.ebuild:
105     Updated patchset, to fix the alignment against 2.6.22.3.
106 phreak 1.172
107     *hardened-sources-2.6.22-r2 (16 Aug 2007)
108    
109     16 Aug 2007; Christian Heim <phreak@gentoo.org>
110     +hardened-sources-2.6.22-r2.ebuild:
111     Revision bump for Linux 2.6.22.3.
112 phreak 1.171
113     *hardened-sources-2.4.35 (16 Aug 2007)
114    
115     16 Aug 2007; Christian Heim <phreak@gentoo.org>
116     +hardened-sources-2.4.35.ebuild:
117     Version bump, initial version for Linux 2.4.35.
118 phreak 1.170
119     *hardened-sources-2.6.21-r4 (16 Aug 2007)
120    
121     16 Aug 2007; Christian Heim <phreak@gentoo.org>
122     +hardened-sources-2.6.21-r4.ebuild:
123     Revision bump for Linux 2.6.21.6.
124 phreak 1.169
125     *hardened-sources-2.6.20-r7 (16 Aug 2007)
126    
127     16 Aug 2007; Christian Heim <phreak@gentoo.org>
128     +hardened-sources-2.6.20-r7.ebuild:
129     Revision bump for Linux 2.6.20.16.
130 phreak 1.168
131     *hardened-sources-2.6.22-r1 (13 Aug 2007)
132    
133     13 Aug 2007; Christian Heim <phreak@gentoo.org>
134     +hardened-sources-2.6.22-r1.ebuild:
135     Yet another revision bump.
136 phreak 1.167
137     *hardened-sources-2.6.22 (10 Aug 2007)
138    
139     10 Aug 2007; Christian Heim <phreak@gentoo.org>
140     +hardened-sources-2.6.22.ebuild:
141     Initial release for 2.6.22. If you are using hardened-sources on a desktop
142     machine (P4 or newer), be aware you might need to disable
143     CONFIG_PAX_PAGEEXEC.
144 phreak 1.166
145     04 Aug 2007; Christian Heim <phreak@gentoo.org>
146     hardened-sources-2.6.20-r6.ebuild:
147     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
148     2.6.20.15.
149 phreak 1.165
150     10 Jul 2007; Christian Heim <phreak@gentoo.org>
151     hardened-sources-2.6.20-r5.ebuild:
152     Marking hardened-sources-2.6.20-r5 stable on ppc.
153 phreak 1.164
154     10 Jul 2007; Christian Heim <phreak@gentoo.org>
155     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
156     Cleanup.
157 phreak 1.163
158     *hardened-sources-2.6.20-r6 (08 Jul 2007)
159    
160     08 Jul 2007; Christian Heim <phreak@gentoo.org>
161     +hardened-sources-2.6.20-r6.ebuild:
162     Revision bump, grabbing yet another stable release.
163 phreak 1.162
164     17 Jun 2007; Christian Heim <phreak@gentoo.org>
165     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
166     -hardened-sources-2.6.21-r2.ebuild:
167     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
168     alpha stable KEYWORD by mistake.
169 phreak 1.161
170     17 Jun 2007; Christian Heim <phreak@gentoo.org>
171     hardened-sources-2.6.20-r5.ebuild:
172     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
173     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
174 phreak 1.160
175     *hardened-sources-2.6.21-r3 (12 Jun 2007)
176    
177     12 Jun 2007; Christian Heim <phreak@gentoo.org>
178     +hardened-sources-2.6.21-r3.ebuild:
179     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
180     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
181     love.
182 phreak 1.159
183     *hardened-sources-2.6.20-r5 (11 Jun 2007)
184    
185     11 Jun 2007; Christian Heim <phreak@gentoo.org>
186     +hardened-sources-2.6.20-r5.ebuild:
187     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
188     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
189     love.
190 pappy 1.158
191     *hardened-sources-2.4.34.5 (11 Jun 2007)
192    
193     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
194     +hardened-sources-2.4.34.5.ebuild:
195     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
196 phreak 1.157
197     30 May 2007; Christian Heim <phreak@gentoo.org>
198     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
199     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
200     stale ebuild(s).
201 phreak 1.156
202     30 May 2007; Christian Heim <phreak@gentoo.org>
203     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
204     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
205     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
206     Doing some cleanups, remove stale ebuilds.
207 phreak 1.155
208     26 May 2007; Christian Heim <phreak@gentoo.org>
209     hardened-sources-2.6.21-r2.ebuild:
210     Fixing the grsecurity patch, had one '};' too much.
211 phreak 1.154
212     *hardened-sources-2.6.21-r2 (26 May 2007)
213    
214     26 May 2007; Christian Heim <phreak@gentoo.org>
215     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
216     +hardened-sources-2.6.21-r2.ebuild:
217     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
218     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
219 phreak 1.153
220     *hardened-sources-2.6.20-r4 (26 May 2007)
221    
222     26 May 2007; Christian Heim <phreak@gentoo.org>
223     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
224     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
225 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
226 phreak 1.152
227     15 May 2007; Christian Heim <phreak@gentoo.org>
228     hardened-sources-2.6.20-r3.ebuild:
229     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
230     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
231     grsecurity patch fail in that exact same hunk.
232 phreak 1.151
233     *hardened-sources-2.6.20-r3 (15 May 2007)
234    
235     15 May 2007; Christian Heim <phreak@gentoo.org>
236     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
237     Revision bump, incorporating Linux 2.6.20.11.
238    
239     *hardened-sources-2.6.21-r1 (11 May 2007)
240    
241     11 May 2007; Christian Heim <phreak@gentoo.org>
242     +hardened-sources-2.6.21-r1.ebuild:
243     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
244     mentioned in #177234.
245 kevquinn 1.150
246     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
247     files/digest-hardened-sources-2.6.21, Manifest:
248     Fix Manifest/digest for linux-2.6.21.tar.bz2
249 phreak 1.149
250     06 May 2007; Christian Heim <phreak@gentoo.org>
251     hardened-sources-2.6.21.ebuild:
252     Bumping the hardened-patches version, needed for the fix for #177234.
253 phreak 1.148
254     *hardened-sources-2.6.21 (02 May 2007)
255    
256     02 May 2007; Christian Heim <phreak@gentoo.org>
257     +hardened-sources-2.6.21.ebuild:
258     Version bump, Linux 2.6.21-hardened.
259 phreak 1.147
260     29 Apr 2007; Christian Heim <phreak@gentoo.org>
261     hardened-sources-2.6.20-r2.ebuild:
262     Adding ~ia64 on Ned's request.
263 phreak 1.146
264     29 Apr 2007; Christian Heim <phreak@gentoo.org>
265     hardened-sources-2.6.20-r2.ebuild:
266     Fixing the included grsecurity patch, wasn't alligning due to the Index:
267     header line(s).
268 phreak 1.145
269     29 Apr 2007; Christian Heim <phreak@gentoo.org>
270     hardened-sources-2.6.20-r2.ebuild:
271     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
272 armin76 1.144
273     *hardened-sources-2.6.20-r2 (10 Apr 2007)
274    
275     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
276     +hardened-sources-2.6.20-r2.ebuild:
277     Version bump, on behalf of phreak
278 phreak 1.143
279     *hardened-sources-2.6.20-r1 (04 Apr 2007)
280    
281     04 Apr 2007; Christian Heim <phreak@gentoo.org>
282     +hardened-sources-2.6.20-r1.ebuild:
283     Revision bump, grabbing a newer grsecurity snapshot.
284 phreak 1.142
285     *hardened-sources-2.6.20 (25 Mar 2007)
286    
287     25 Mar 2007; Christian Heim <phreak@gentoo.org>
288     +hardened-sources-2.6.20.ebuild:
289     Finally a hardened-sources version for 2.6.20; many people have been waiting
290     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
291     testbox.
292 chainsaw 1.141
293     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
294     hardened-sources-2.6.18-r6.ebuild:
295     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
296 phreak 1.140
297     *hardened-sources-2.6.18-r6 (16 Mar 2007)
298    
299     16 Mar 2007; Christian Heim <phreak@gentoo.org>
300     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
301     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
302     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
303     supposed to be.
304 phreak 1.139
305     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
306     Fixing the Manifest, the previous one was broken (as in still had the
307     deleted ebuild in it).
308 phreak 1.138
309     06 Mar 2007; Christian Heim <phreak@gentoo.org>
310     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
311     +hardened-sources-2.6.18-r5.ebuild:
312     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
313     Linux 2.6.18.8. Also cleaning up the older version.
314    
315     *hardened-sources-2.6.18-r5 (06 Mar 2007)
316    
317     06 Mar 2007; Christian Heim <phreak@gentoo.org>
318     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
319     +hardened-sources-2.6.18-r5.ebuild:
320     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
321     Linux 2.6.18.8. Also cleaning up the older version.
322 phreak 1.137
323     24 Feb 2007; Christian Heim <phreak@gentoo.org>
324     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
325     -hardened-sources-2.6.19-r5.ebuild:
326     Removing some of the old version, that didn't work.
327 phreak 1.136
328     *hardened-sources-2.6.19-r6 (12 Feb 2007)
329    
330     12 Feb 2007; Christian Heim <phreak@gentoo.org>
331     +hardened-sources-2.6.19-r6.ebuild:
332     Revision bump, including a new grsec version fixing #166235.
333 pappy 1.134
334     *hardened-sources-2.4.34 (24 Jan 2007)
335    
336     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
337 pappy 1.135 Manifest:
338     updating Manifest with checksums of new tarball and ebuild
339    
340     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
341 pappy 1.134 +hardened-sources-2.4.34.ebuild:
342     I added new hardened sources 2.4 update, this is a critical path
343     security bugfix - all users of h-s are strongly advised
344     to update their existing hardened sources to this version.
345     It contains a fix for a kernel vulnerability that is pertaining
346     to the PaX changes to virtual memory management, possibly leading
347     to a local kernel exploit ... see grsecurity.net forums and homepage
348 phreak 1.133
349     23 Jan 2007; Christian Heim <phreak@gentoo.org>
350     files/digest-hardened-sources-2.6.19-r5, Manifest:
351     Fixing the patch-tarball digest.
352 phreak 1.132
353     *hardened-sources-2.6.19-r5 (23 Jan 2007)
354    
355     23 Jan 2007; Christian Heim <phreak@gentoo.org>
356     +hardened-sources-2.6.19-r5.ebuild:
357     Revision bump, closing the recently discovered PaX expand_stack()
358     vulnerability.
359 phreak 1.131
360     *hardened-sources-2.6.19-r4 (14 Jan 2007)
361    
362     14 Jan 2007; Christian Heim <phreak@gentoo.org>
363     +hardened-sources-2.6.19-r4.ebuild:
364     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
365     dropping the randomized PID feature.
366 opfer 1.130
367     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
368     hardened-sources-2.4.33.4.ebuild:
369     stable x86, bug #161171
370 phreak 1.129
371     *hardened-sources-2.6.19-r3 (27 Dec 2006)
372    
373     27 Dec 2006; Christian Heim <phreak@gentoo.org>
374     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
375     Revision bump for bug #157186 and #158786.
376 phreak 1.128
377     *hardened-sources-2.6.18-r4 (27 Dec 2006)
378    
379     27 Dec 2006; Christian Heim <phreak@gentoo.org>
380     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
381     Revision bump for bug #157186.
382 phreak 1.127
383     *hardened-sources-2.6.19-r2 (23 Dec 2006)
384    
385     23 Dec 2006; Christian Heim <phreak@gentoo.org>
386     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
387     Revision bump to pull in genpatches-2.6.19-3 for #157186.
388 phreak 1.126
389     17 Dec 2006; Christian Heim <phreak@gentoo.org>
390     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
391     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
392     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
393     hardened-sources-2.6.19-r1.ebuild:
394     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
395     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
396 pappy 1.125
397     *hardened-sources-2.4.33.4 (17 Dec 2006)
398    
399     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
400     +hardened-sources-2.4.33.4.ebuild:
401     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
402     and quilting
403 phreak 1.124
404     *hardened-sources-2.6.19-r1 (14 Dec 2006)
405    
406     14 Dec 2006; Christian Heim <phreak@gentoo.org>
407     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
408     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
409     for reporting).
410 phreak 1.123
411     *hardened-sources-2.6.19 (13 Dec 2006)
412    
413     13 Dec 2006; Christian Heim <phreak@gentoo.org>
414     +hardened-sources-2.6.19.ebuild:
415     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
416     Brad for providing that prompt update.
417 phreak 1.122
418     *hardened-sources-2.6.18-r3 (13 Dec 2006)
419    
420     13 Dec 2006; Christian Heim <phreak@gentoo.org>
421     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
422     +hardened-sources-2.6.18-r3.ebuild:
423     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
424     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
425 phreak 1.121
426     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
427     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
428 nixnut 1.120
429     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
430     Stable on ppc wrt bug 157356
431 opfer 1.119
432     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
433     hardened-sources-2.6.18.ebuild:
434     stable x86, bug #157356
435 phreak 1.118
436     *hardened-sources-2.6.18-r2 (06 Dec 2006)
437    
438     06 Dec 2006; Christian Heim <phreak@gentoo.org>
439     +hardened-sources-2.6.18-r2.ebuild:
440     Revision bump, including 2.6.18.5 (via genpatches) and
441     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
442     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
443     redesign.
444 phreak 1.117
445     06 Dec 2006; Christian Heim <phreak@gentoo.org>
446     hardened-sources-2.6.18.ebuild:
447     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
448     of Mike Doty).
449 phreak 1.116
450     *hardened-sources-2.6.18-r1 (23 Nov 2006)
451    
452     23 Nov 2006; Christian Heim <phreak@gentoo.org>
453     +hardened-sources-2.6.18-r1.ebuild:
454     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
455 phreak 1.115
456     *hardened-sources-2.6.18 (11 Nov 2006)
457    
458     11 Nov 2006; Christian Heim <phreak@gentoo.org>
459     +hardened-sources-2.6.18.ebuild:
460     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
461 solar 1.114
462     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
463     - mark amd64 stable also. bug #151877
464 solar 1.113
465     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
466     - mark 2.6.17-r1 stable
467 phreak 1.112
468     27 Aug 2006; Christian Heim <phreak@gentoo.org>
469     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
470     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
471 phreak 1.111
472     *hardened-sources-2.6.17-r1 (26 Aug 2006)
473    
474     26 Aug 2006; Christian Heim <phreak@gentoo.org>
475     +hardened-sources-2.6.17-r1.ebuild:
476     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
477     grsecurity patch.
478 phreak 1.110
479     *hardened-sources-2.6.17 (17 Aug 2006)
480    
481     17 Aug 2006; Christian Heim <phreak@gentoo.org>
482     +hardened-sources-2.6.17.ebuild:
483     Bumping the hardened-sources-2.6 series to 2.6.17, using
484     genpatches-2.6.17-6.base.
485 solar 1.109
486     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
487     - stable on x86 and amd64
488 solar 1.108
489     *hardened-sources-2.6.16-r11 (15 Jul 2006)
490    
491     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
492     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
493     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
494     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
495     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
496     crusty ebuilds
497 johnm 1.107
498     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
499     hardened-sources-2.6.16-r10.ebuild:
500     marking stable on x86 and amd64
501 solar 1.106
502     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
503     - 2.4.32-r6 stable on x86. RSBAC state unknown
504 kang 1.105
505     *hardened-sources-2.4.32-r7 (10 Jul 2006)
506    
507     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
508     +hardened-sources-2.4.32-r7.ebuild:
509     Bump PaX for RSBAC to test-17
510 johnm 1.104
511     *hardened-sources-2.6.16-r9 (03 Jul 2006)
512    
513     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
514     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
515     hardened-sources-2.6.16 bump to latest -base.
516 solar 1.103
517     *hardened-sources-2.4.32-r6 (30 Jun 2006)
518    
519     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
520     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
521     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
522     sysctl controlable resource logging
523 johnm 1.102
524     *hardened-sources-2.6.16-r7 (05 Jun 2006)
525    
526     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
527     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
528     push new 2.6.16 release in preparation for stable
529 solar 1.101
530     22 May 2006; <solar@gentoo.org> :
531     - redigest bug 134002
532 kang 1.100
533     *hardened-sources-2.4.32-r5 (16 May 2006)
534    
535     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
536     +hardened-sources-2.4.32-r5.ebuild:
537     Fixes rsbac common patching (new patch in new -r5 patchset)
538 solar 1.99
539     *hardened-sources-2.4.32-r4 (13 May 2006)
540    
541     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
542     +hardened-sources-2.4.32-r4.ebuild:
543     - security bumps
544 johnm 1.98
545     *hardened-sources-2.6.16-r6 (03 May 2006)
546    
547     03 May 2006; John Mylchreest <johnm@gentoo.org>
548     +hardened-sources-2.6.16-r6.ebuild:
549     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
550 johnm 1.97
551     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
552     hardened-sources-2.6.14-r8.ebuild:
553     fix x86_64 build problem, this will delay the digest issue again for a short
554     while but it will sort itself out
555 johnm 1.96
556     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
557     hardened-sources-2.6.14-r8.ebuild:
558     bump hardened patchset
559 antarus 1.94
560     27 Apr 2006; Alec Warner <antarus@gentoo.org>
561     files/digest-hardened-sources-2.4.32-r2,
562     files/digest-hardened-sources-2.4.32-r3,
563     files/digest-hardened-sources-2.6.14-r8, Manifest:
564     Fixing duff SHA256 digests: Bug # 131293
565 johnm 1.93
566 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
567    
568     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
569     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
570     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
571     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
572     cleanup of old uneccessary sources
573    
574 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
575     fix digest
576 johnm 1.92
577     *hardened-sources-2.6.14-r8 (20 Apr 2006)
578    
579     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
580     +hardened-sources-2.6.14-r8.ebuild:
581     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
582 johnm 1.91
583     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
584     Turning on gpg-signing again, and recomitting
585 johnm 1.90
586     *hardened-sources-2.6.16-r4 (20 Apr 2006)
587    
588     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
589     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
590     +hardened-sources-2.6.16-r4.ebuild:
591     Fix numerous security vulns
592 solar 1.89
593     *hardened-sources-2.4.32-r3 (16 Apr 2006)
594    
595     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
596     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
597     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
598     - security bump for bug #112791. Removed old ebuilds
599 johnm 1.88
600     *hardened-sources-2.6.16-r3 (15 Apr 2006)
601    
602     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
603     +hardened-sources-2.6.16-r3.ebuild:
604     Removing silly localversion which I missed
605 johnm 1.87
606     *hardened-sources-2.6.14-r7 (14 Apr 2006)
607    
608     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
609     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
610     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
611 johnm 1.86
612     *hardened-sources-2.6.16-r2 (13 Apr 2006)
613    
614     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
615     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
616     +hardened-sources-2.6.16-r2.ebuild:
617     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
618     labels, dropping USERGROUP define fixes, since these were merged mainstream.
619 johnm 1.85
620     *hardened-sources-2.6.16-r1 (11 Apr 2006)
621    
622     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
623     +hardened-sources-2.6.16-r1.ebuild:
624     Bumping to include ppc build fix and 2.6.16.3
625 tsunam 1.84
626     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
627     hardened-sources-2.6.14-r6.ebuild:
628     Stable on x86; bug #127718
629 johnm 1.83
630     *hardened-sources-2.6.16 (31 Mar 2006)
631    
632     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
633     +hardened-sources-2.6.16.ebuild:
634     Bumping to new version of grsec, and kernel base. New squashfs. Based on
635     2.6.16.1
636 cryos 1.82
637     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
638     hardened-sources-2.6.14-r6.ebuild:
639     Stable on amd64, bug 127718.
640 nixnut 1.81
641     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
642     Stable on ppc. Bug #127718
643 johnm 1.80
644     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
645     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
646     -hardened-sources-2.6.14-r4.ebuild:
647     Cleanup.
648 johnm 1.79
649     *hardened-sources-2.6.14-r6 (15 Mar 2006)
650    
651     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
652     +hardened-sources-2.6.14-r6.ebuild:
653     Fixes grsec policy recreation bug and adds a
654     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
655 solar 1.78
656     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
657     - stable on x86
658 hansmi 1.77
659     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
660     hardened-sources-2.6.14-r5.ebuild:
661     Stable on ppc.
662 johnm 1.76
663     *hardened-sources-2.6.14-r5 (01 Feb 2006)
664    
665     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
666     +hardened-sources-2.6.14-r5.ebuild:
667     fixing every known exploit
668 solar 1.75
669     *hardened-sources-2.4.32-r2 (26 Jan 2006)
670    
671     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
672     +hardened-sources-2.4.32-r2.ebuild:
673     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
674 solar 1.74
675     *hardened-sources-2.6.14-r4 (12 Jan 2006)
676    
677     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
678     - version bump for new genpatches which fix up a few sec holes
679 solar 1.73
680     *hardened-sources-2.4.32-r1 (05 Jan 2006)
681    
682     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
683     - revision bump to add misc vital linux kernel security patches.
684 johnm 1.72
685     *hardened-sources-2.6.14-r3 (30 Dec 2005)
686    
687     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
688     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
689     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
690 johnm 1.71
691     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
692     hardened-sources-2.6.14-r2.ebuild:
693     making x86 & amd64 stable following testing.
694 johnm 1.70
695     *hardened-sources-2.6.14-r2 (27 Dec 2005)
696    
697     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
698     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
699     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
700     network hooks.
701 johnm 1.69
702     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
703     hardened-sources-2.6.14-r1.ebuild:
704     bumping to stable early for sec fix on x86 & amd64
705 johnm 1.68
706     *hardened-sources-2.6.14-r1 (05 Dec 2005)
707    
708     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
709     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
710     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
711 solar 1.67
712     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
713     - stable on x86 security bug #114227 CAN-2005-3257
714 kang 1.66
715     *hardened-sources-2.4.32 (19 Nov 2005)
716    
717     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
718     +hardened-sources-2.4.32.ebuild:
719     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
720     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
721     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
722     rsbac >> /etc/portage/package.use)
723 johnm 1.65
724     *hardened-sources-2.6.14 (14 Nov 2005)
725    
726     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
727     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
728     Bumping 2.6 series to 2.6.14.2
729 johnm 1.64
730     *hardened-sources-2.6.13-r2 (20 Oct 2005)
731    
732     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
733     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
734     +hardened-sources-2.6.13-r2.ebuild:
735     Fixes minor build error in ppc.
736 johnm 1.63
737     *hardened-sources-2.6.13-r1 (17 Oct 2005)
738    
739     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
740     +hardened-sources-2.6.13-r1.ebuild:
741     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
742     2.6.13.4, fixes some major amd64 stability problems.
743 johnm 1.62
744     *hardened-sources-2.6.13 (16 Sep 2005)
745    
746     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
747     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
748     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
749     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
750     users should test this thoroughly.
751 solar 1.61
752     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
753     - stable on x86
754 johnm 1.60
755     *hardened-sources-2.6.11-r15 (27 Jun 2005)
756    
757     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
758     +hardened-sources-2.6.11-r15.ebuild:
759     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
760     grsec redefining curr_ip struct.
761 solar 1.59
762     *hardened-sources-2.4.31 (20 Jun 2005)
763    
764     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
765     initial import of 2.4.31 tree
766 johnm 1.58
767     *hardened-sources-2.6.11-r14 (14 Jun 2005)
768    
769     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
770     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
771     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
772     naming scheme to abide by genpatches
773 johnm 1.57
774     *hardened-sources-2.6.11-r13 (18 May 2005)
775    
776     18 May 2005; John Mylchreest <johnm@gentoo.org>
777     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
778     Managed to mangle the Makefile patch from grsec, to miss out the grsec
779     target. sorry about that. Fixes bug #93022
780 johnm 1.56
781     *hardened-sources-2.6.11-r12 (17 May 2005)
782    
783     17 May 2005; John Mylchreest <johnm@gentoo.org>
784     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
785     +hardened-sources-2.6.11-r12.ebuild:
786     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
787     merges in genpatches-base
788 johnm 1.55
789     *hardened-sources-2.6.11-r12 (17 May 2005)
790    
791     17 May 2005; John Mylchreest <johnm@gentoo.org>
792     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
793     +hardened-sources-2.6.11-r12.ebuild:
794     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
795     merges in genpatches-base
796 solar 1.54
797     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
798     -files/2.4.27-cmdline-race.patch,
799     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
800     -files/2.4.28-grsec-binfmt_a.out.patch,
801     -files/2.4.28-grsec-cmdline-race.patch,
802     -files/2.4.28-selinux-binfmt_a.out.patch,
803     -files/2.4.28-selinux-cmdline-race.patch,
804     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
805     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
806     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
807     cleanup..
808 solar 1.53
809     *hardened-sources-2.4.30-r1 (21 Apr 2005)
810    
811     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
812     - disable aout by default
813 solar 1.52
814     *hardened-sources-2.4.30 (18 Apr 2005)
815    
816     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
817     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
818     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
819     use
820 tocharian 1.50
821 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
822    
823     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
824     +hardened-sources-2.4.29.ebuild:
825     New hardened-patches-2.4-29.0 patchball.
826     Removed SELinux support, upgraded GRSecurity to 2.1.4.
827    
828     *hardened-sources-2.4.28-r5 (06 Mar 2005)
829    
830     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
831     +hardened-sources-2.4.28-r5.ebuild:
832     Added a fix for a PaX vulnerability.
833    
834     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
835 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
836     Stable on x86
837 solar 1.49
838     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
839     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
840     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
841     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
842     - fixed/added RDEPEND= in all kernel-2 ebuilds
843 tocharian 1.48
844     *hardened-sources-2.4.28-r4 (21 Jan 2005)
845    
846     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
847     +hardened-sources-2.4.28-r4.ebuild:
848     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
849     backport of neighbour hash updates.
850 tocharian 1.47
851     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
852     hardened-sources-2.4.28-r3.ebuild:
853     Stable on x86
854 tseng 1.46
855     *hardened-sources-2.6.10-r3 (20 Jan 2005)
856    
857     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
858     +hardened-sources-2.6.10-r3.ebuild:
859     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
860     in 2005.0
861 tocharian 1.45
862     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
863     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
864     hardened-sources-2.4.28-r2.ebuild:
865     Mark stable on x86
866 tocharian 1.44
867     *hardened-sources-2.4.28-r3 (17 Jan 2005)
868    
869     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
870     +hardened-sources-2.4.28-r3.ebuild:
871     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
872 tocharian 1.43
873     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
874     hardened-sources-2.4.28.ebuild:
875     Mark stable on x86.
876 tocharian 1.42
877     *hardened-sources-2.4.28-r2 (13 Jan 2005)
878    
879     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
880     +hardened-sources-2.4.28-r2.ebuild:
881     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
882     Mazinger for grsecurity patches as well.
883 plasmaroo 1.41
884     *hardened-sources-2.4.28-r1 (23 Dec 2004)
885    
886     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
887     Security bump. Thank tocharian for rolling a new patchset...
888 solar 1.40
889     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
890     +files/2.4.28-grsec-cmdline-race.patch,
891     +files/2.4.28-selinux-binfmt_a.out.patch,
892     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
893     - Round up remaining security patches that appear to be missing in 2.4.28. -
894     PaX standalone updated to current. hgpv=28.1
895 solar 1.39
896     *hardened-sources-2.4.28 (28 Nov 2004)
897    
898     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
899     security bump. Thank tocharian for rolling a new patchset
900 scox 1.31
901 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
902    
903     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
904     +hardened-sources-2.4.27-r3.ebuild:
905     Applies the new 2.4-27.2 patchball which updates
906     GRSecurity to the 2.0.1 version.
907    
908 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
909    
910     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
911     +hardened-sources-2.4.27-r2.ebuild:
912     Version bump.
913     This version uses the new 2.4-27.1 patchball which updates
914     both the SELinux PaX hooks patch and the SELinux headers.
915    
916 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
917    
918     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
919     +hardened-sources-2.4.27-r1.ebuild,
920     -hardened-sources-2.4.27.ebuild,
921     +files/2.4.27-cmdline-race.patch:
922     Version bump, fix for cmdline race. See bug #59905.
923    
924     *hardened-sources-2.4.26-r6 (09 Aug 2004)
925    
926     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
927     +hardened-sources-2.4.26-r6.ebuild,
928     -hardened-sources-2.4.26-r5.ebuild,
929     -hardened-sources-2.4.26-r4.ebuild,
930     +files/2.4.26-cmdline-race.patch:
931     Version bump, fix for cmdline race. See bug #59905.
932    
933 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
934    
935     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
936     +hardened-sources-2.4.27.ebuild,
937     +files/2.4.27-CAN-2004-0394.patch:
938     Ported the patchball to the 2.4.27 kernel version.
939    
940 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
941    
942     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
943     +hardened-sources-2.4.26-r5.ebuild:
944 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
945 scox 1.34 It adds the following features:
946     - Squashfs
947     - Ebtables
948     - Netdev random (core+drivers)
949     - Watchdog Timer (WDT) fix.
950    
951 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
952    
953     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
954     +hardened-sources-2.4.26-r4.ebuild,
955     +files/2.4.26-CAN-2004-0415.patch,
956     -hardened-sources-2.4.26-3:
957     Version bump, fix for CAN 0415, see bug #59378.
958    
959 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
960    
961     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
962     +hardened-sources-2.4.26-r3.ebuild,
963     +files/2.4.26-CAN-2004-0497.patch,
964     -hardened-sources-2.4.26-r2.ebuild:
965     Version bump, fixed CAN 0497, see bug #56171.
966    
967 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
968    
969     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
970 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
971 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
972     +files/2.4.26-CAN-2004-0535.patch,
973     -hardened-sources-2.4.26-r1.ebuild:
974     Fixes for both CAN 0495 and 0535, see bug #54976
975 pvdabeel 1.27
976 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
977     hardened-sources-2.4.26-r1.ebuild:
978     QA - fix use invocation
979 scox 1.28
980     *hardened-sources-2.4.26-r1 (22 June 2004)
981    
982     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
983     +hardened-sources-2.4.26-r1.ebuild,
984     +files/2.4.26-CAN-2004-0394.patch,
985     +files/2.4.26-signal-race.patch,
986     -hardened-sources-2.4.26.ebuild,
987     -hardened-sources-2.4.24-r3.ebuild:
988     Version bump for the CAN-2004-0394 issue and bug #53804
989     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
990    
991    
992 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
993     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
994     Masked hardened-sources-2.4.26.ebuild broken for ppc
995    
996     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
997     hardened-sources-2.4.24-r3.ebuild:
998     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
999 plasmaroo 1.25
1000 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1001    
1002     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1003     +hardened-sources-2.4.26.ebuild:
1004     Updated hardened-sources for the 2.4.26 kernel
1005     Removed broken components, updated almost everything.
1006    
1007 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1008    
1009     17 Apr 2004; <plasmaroo@gentoo.org>
1010     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1011     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1012     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1013     +hardened-sources-2.4.24-r3.ebuild:
1014     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1015     vulnerabilities. Old revisions removed.
1016 plasmaroo 1.24
1017     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1018    
1019     15 Apr 2004; <plasmaroo@gentoo.org>
1020     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1021     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1022     Version bump for the CAN-2004-0109 issue; bug #47881.
1023 aliz 1.23
1024     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1025     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1026     Add eutils to inherit.
1027 plasmaroo 1.22
1028     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1029    
1030     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1031     files/hardened-sources-2.4.24.munmap.patch:
1032     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1033 scox 1.19
1034 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1035 scox 1.26
1036 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1037     hardened-sources-2.4.24.ebuild:
1038     Version bump, updated most of the components.
1039     This release includes the following:
1040    
1041     - Hardened security
1042     - Netfilter patch-o-matic 20031219
1043     - FreeSWAN 2.04 & x509 1.4.8
1044     - EVMS 2.2.2
1045     - XFS 1.3.1
1046     - cryptoloop jari
1047     - grsecurity 2.0-rc4
1048     - SELinux
1049     - PaX 200402060000
1050     - PaX Obscurity 200308302223
1051     - Others...
1052    
1053     Neither -ck nor systrace are included anymore.
1054    
1055 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1056    
1057     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1058     hardened-sources-2.4.22-r2.ebuild:
1059 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1060 scox 1.19
1061     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1062 iggy 1.17
1063     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1064 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1065 iggy 1.16
1066     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1067 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1068     Version bump for the 'do_brk' vulnerability.
1069 iggy 1.15
1070     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1071     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1072     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1073     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1074 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1075 frogger 1.14
1076     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1077     hardened-sources-2.4.22.ebuild:
1078 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1079     components. These are no longer handled in the kernel
1080     so this code was not necessary.
1081 frogger 1.13
1082     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1083     New 2.4.22 based hardened-sources thanks to
1084     Phil West <p.west@computer.org>.
1085    
1086     These sources include:
1087 plasmaroo 1.18 - New SELinux API
1088     - Updated CK-base
1089     - Updated GRSec
1090     - Systrace
1091     - SuperFreeS/WAN 1.99.8
1092     - Propolice kernel build support
1093     - EVMS
1094     - Other various security related patches
1095 frogger 1.11
1096 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1097    
1098     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1099     Updated hardened-sources based on the 2.4.21 Linux kernel.
1100     This includes updates to most major components such as:
1101 plasmaroo 1.18 - ck-base-0306300059
1102     - selinux-2.4-2003071106
1103     - grsecurity-2.0-rc1
1104     - Updated IPTables patch-o-matic
1105     - Updated SuperFreeS/WAN
1106    
1107 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1108     updated patch set ready for the 2.4.21 based kernel.
1109    
1110 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1111     Initial import of hardened-sources-2.4.20-r4. This revision
1112     includes only a few changes, but one of these is an important
1113     security fix. It is recommended all users of hardened-sources
1114     upgrade to this release.
1115 plasmaroo 1.18
1116 frogger 1.11 - ioperm bug fix
1117     - fixed compilation failure when building without GRSec
1118 plasmaroo 1.18
1119 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1120     due to time constraints, but is planned for inclusion in the near
1121     future.
1122 msterret 1.10
1123     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1124    
1125     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1126     hardened-sources-2.4.20-r3.ebuild:
1127 plasmaroo 1.18 Add Header...
1128 frogger 1.9
1129     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1130     hardened-sources-2.4.20-r3.ebuild:
1131     Removed warnings from ebuild. This kernel should be safe to
1132     use at this point.
1133 frogger 1.8
1134     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1135    
1136     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1137     hardened-sources-2.4.20-r3.ebuild:
1138     New revision. Includes the following changes over -r2:
1139 plasmaroo 1.18
1140 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1141     - Super FreeS/WAN 1.99.7rc2
1142     - PaX for the LSM/SELinux branch
1143     - GRSecurity 2.0-pre4 (role based access control)
1144     - Systrace 1.3
1145     - EXT3 fixes
1146     - EVMS 2.0.1
1147     - GCC 3.1+ compile optimizations
1148     - ProPolice kernel build support
1149     - Hashing table security fixes
1150 frogger 1.3
1151     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1152 frogger 1.7
1153     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1154     Initial import of hardened-sources-r2. This new
1155     ebuild includes many new performance and security
1156     related patches. As in -r1, it will patch in
1157     LSM/SELinux if "selinux" is in USE, otherwise it
1158     will patch in GRSecurity. The following patches
1159     are included in this revision:
1160 plasmaroo 1.18
1161 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1162     (pulled from the base CK patch)
1163     - ptrace exploit patch for the LSM kernel
1164     (the GRSec patch already fixes this)
1165     - LSM 2.4-2003040709
1166     - SELinux 2.4-2003040709
1167     - Systrace v1.2
1168     - IPTables patch-o-matic base patches - 20030107
1169     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1170     - Super FreeS/WAN 1.99.6.1
1171     - GRSecurity 1.9.9g
1172     - MPPE
1173     - EXT3 data journal fix
1174     - CIPE 1.5.4
1175 frogger 1.6
1176     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1177     hardened-sources-2.4.20-r1.ebuild, manifest:
1178 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1179 frogger 1.5
1180     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1181     hardened-sources-2.4.20-r1.ebuild:
1182     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1183     is patched in instead. Ptrace patches for selinux have also been added. In
1184     either case, systrace support will be patched in as well.
1185 frogger 1.3
1186     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1187     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1188 plasmaroo 1.18 Revision bump for new sources.
1189 frogger 1.4
1190 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1191 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1192 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1193 method 1.1
1194 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1195    
1196 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1197     hardened-sources-2.4.20.ebuild:
1198 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20